def fill_user_context(self, context):
"""Fill user related context extra fields."""
user = self.request.user
context['is_admin'] = check_user_has_groups(user, 'admin')
context['is_teacher'] = check_user_has_groups(user, 'teacher')
context['is_student'] = check_user_has_groups(user, 'student')
context[
'is_qset_creator'] = context['is_admin'] or context['is_teacher']
context['is_question_creator'] = user.is_authenticated()
def get_user_profile_rank_list_context_data(request, profile_user, user_id,
selected_organization, viewer_id):
"""
Return the context data used in the user profile rank list view template.
"""
rank_list, total_users = get_user_profile_rank_list_and_total_users(
profile_user.id, request.user.id, selected_organization.id)
context_data = {
'profile_user':
profile_user,
'full_name':
compose_user_full_name_from_object(profile_user),
'viewer_user_id':
request.user.id,
'is_owner':
user_id == request.user.id,
'is_student':
check_user_has_groups(profile_user, 'student'),
'user_organizations':
get_user_organizations_for_filter(profile_user.id, viewer_id),
'rank_list':
rank_list,
'rank_list_total_users':
total_users,
'own_subjects':
tuple(),
'selected_organization':
selected_organization,
'select_url_name':
'askup:{}'.format(request.resolver_match.url_name),
}
context_data.update(
get_user_organization_statistics(user_id, selected_organization))
return context_data
def do_user_checks_and_evaluate(user, answer, evaluation, qset_id):
"""
Do user checks and evaluate answer for the answer evaluation view.
"""
evaluation_int = int(evaluation)
is_admin = check_user_has_groups(user, 'admin')
is_organization_qset = check_if_qset_is_organization(qset_id)
if is_organization_qset:
user_permitted = Organization.objects.filter(id=qset_id,
users__in=[user.id
]).exists()
else:
user_permitted = Organization.objects.filter(qset__in=[qset_id],
users__in=[user.id
]).exists()
if not is_admin and not user_permitted:
return False
# <answer> can be passed into this function as None if it was deleted in pair with the
# question it belongs before the evaluation request was sent
if evaluation_int in next(zip(*Answer.EVALUATIONS)) and answer:
answer.self_evaluation = evaluation_int
answer.save()
return True
def validate_answer_form_and_create(form, request, question,
started_from_qset_id):
"""
Validate answer form and create an Answer object on success.
Returns response dictionary to pass to the JsonResponse after.
"""
response = {'result': 'success'}
user = request.user
if form.is_valid():
text = form.cleaned_data.get('text')
is_admin = check_user_has_groups(request.user, 'admin')
if not is_admin and user not in question.qset.top_qset.users.all():
log.info(
'User %s have tried to answer the question without the permissions.',
user.id)
return redirect(reverse('askup:organizations'))
answer = Answer.objects.create(text=text,
question_id=question.id,
user_id=user.id)
response['evaluation_urls'] = get_evaluation_urls(
request, started_from_qset_id, answer.id)
else:
response['result'] = 'error'
return response
def question_vote(user, question_id, value):
"""Provide a general question vote functionality."""
question = get_object_or_404(Question, pk=question_id)
if user.id == question.user_id:
response = {
'result': 'error',
'message': 'You cannot vote for your own questions'
}
return JsonResponse(response)
is_admin = check_user_has_groups(user, 'admin')
if not is_admin and user not in question.qset.top_qset.users.all():
response = {
'result': 'error',
'message': 'You have no permissions to vote for this question'
}
return JsonResponse(response)
vote_result, message = question.vote(user.id, value)
if vote_result is False:
response = {'result': 'error', 'message': message}
else:
response = {
'result': 'success',
'message': message,
'value': vote_result
}
return JsonResponse(response)
def set_group_properties_to_request(request,
groups_to_set=('admin', 'teacher',
'student')):
"""Set _is_<group> like properties to the request object for later usage in view etc."""
for group in groups_to_set:
setattr(request, '_is_{}'.format(group),
check_user_has_groups(request.user, group))
def dispatch(self, request, *args, **kwargs):
"""
Check presence of required credentials and parameters.
Overriding the dispatch method of generic.ListView
"""
pk = self.kwargs.get('pk')
if not pk:
return redirect(reverse('askup:organizations'))
self._current_qset = get_object_or_404(Qset, pk=self.kwargs.get('pk'))
redirect_to_do = self.check_model_accordance(pk)
if redirect_to_do:
return redirect_to_do
applied_to_organization = self._current_qset.top_qset.users.filter(
id=request.user.id)
is_admin = check_user_has_groups(request.user, 'admin')
if not is_admin and not applied_to_organization:
return redirect(reverse('askup:organizations'))
return super().dispatch(request, *args, **kwargs)
def get_question_to_answer(request, question_id):
"""
Return a question corresponding to the user and question_id.
If user has no permissions to the organization of this questions - return None.
"""
question_queryset = Question.objects.filter(id=question_id)
if not check_user_has_groups(request.user, 'admin'):
question_queryset = question_queryset.filter(
qset__top_qset__users__id=request.user.id)
return question_queryset.first()
def wrapped_function(*args, **kwargs):
request = args[0] if isinstance(args[0],
WSGIRequest) else args[0].request
user = request.user
auth_check_result = do_redirect_unauthenticated(
user, request.get_full_path())
if auth_check_result:
return auth_check_result
if check_user_has_groups(user, required_groups):
set_group_properties_to_request(request)
return func(*args, **kwargs)
return redirect(reverse('askup:organizations'))